Abnormal Security Raises $50M To Enhance Email Security Tool

Abnormal Security says it has tripled its annual recurring revenue and Fortune 500 customer base since the start of 2020 as the shift to remote work has enhanced the importance of email security.

Email security startup Abnormal Security has announced a Series B funding round to double the size of its machine-learning and data science teams.

The San Francisco-based early stage vendor’s $50 million round was led by Menlo Ventures with participation from early investor Greylock. Abnormal Security said it has tripled its annual recurring revenue and Fortune 500 customer base since the start of 2020 as the shift to remote work has only enhanced the importance of email security.

“The shift in attacker techniques to more personalized, socially engineered attacks requires a different approach,” Abnormal Security co-founder and CEO Evan Reiser said in a statement. “No amount of threat intelligence can stop an attack that’s never been seen before. The only way to do so is through AI-based behavioral detection.”

[Related: The 10 Hottest Cybersecurity Startups Of 2019]

Abnormal Security was founded in 2018, has raised $75 million in two rounds of outside funding and employs 81 people, up from just 56 employees a year ago, according to LinkedIn and Crunchbase. The company closed a $24 million Series A round led by Greylock in November 2019. Abnormal Security executives weren’t immediately available for additional comment.

“We were blown away by the positive feedback from Fortune 500 customers using Abnormal Security to protect their organizations from the most sophisticated email attacks,” Menlo Ventures partner Venky Ganesan said in a statement. “Customers unanimously raved about Abnormal’s product innovation and velocity.”

Abnormal Security said its AI threat detection engine analyzes a diverse set of data about people, relationships and business context to understand abnormal behavior and block socially engineered attacks. The threat detection engine clearly explains to users why an attack is blocked to provide transparency about the AI judgements applied to an environment, according to Abnormal Security.

The Abnormal platform deploys to Microsoft Office 365 and Google Workspace environments in one click through native API integrations, according to the company. The platform is designed to help large enterprise customers catch the attacks that bypass legacy secure email gateways without any tuning or maintenance required, Abnormal Security said.

Abnormal Security said its research found that business email compromise attack volume increased 15 percent from the second quarter of 2020 to the third quarter of 2020. Business email compromise attacks represent the single greatest cause of cybersecurity-related financial loss, according to the FBI Internet Crime Complaint Center.

“Abnormal’s AI-powered detection has autonomously stopped incredibly sophisticated attacks,” Mike Britton, chief security and privacy officer of Abnormal Security customer Alliance Data, said in a statement. “It’s not only saving time for my security team, but Abnormal’s cloud platform is one of the simplest solutions that we’ve ever implemented—it took just minutes.”

More than 70 percent of business email compromise attacks identified through Abnormal Security platform customer deployments were not initially blocked by secure email gateway offerings, the company said last year. The company said at the time that it analyzes more sources of data than other email security products, including data beyond email.

Crowdsourcing tools have struggled to pick up spear phishing, but the APIs in Office 365 have now made it possible to examine the sentiments in messages in a manner that goes beyond simply classifying them as bad or good, McAfee Chief Information Officer Scott Howitt told CRN in September. As a result, he said there’s an opportunity for companies like Abnormal Security to come in and disrupt this space.